Patents by Inventor Gary Barton
Gary Barton has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9942240Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.Type: GrantFiled: July 21, 2015Date of Patent: April 10, 2018Assignee: Citrix Systems, Inc.Inventors: Richard Hayton, Georgy Momchilov, Gary Barton, Andrew Innes
-
Patent number: 9858428Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.Type: GrantFiled: February 2, 2017Date of Patent: January 2, 2018Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Patent number: 9838398Abstract: A method of managing access to enterprise resources is provided. An access manager may operate at a mobile device to validate a mobile application installed at that mobile device. If the access manager does not successfully validate the mobile application, the access manager may prevent the mobile application from accessing computing resource. If the access manager does successfully validate the mobile application, then the access manager may identify the mobile application as a trusted mobile application. The access manager may thus permit the trusted mobile application to access the computing resource.Type: GrantFiled: January 26, 2016Date of Patent: December 5, 2017Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, James Robert Walker
-
Publication number: 20170293767Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.Type: ApplicationFiled: June 27, 2017Publication date: October 12, 2017Inventors: Gary Barton, Richard Hayton, Andrew Carnegie Innes, Georgy Momchilov
-
Patent number: 9729520Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.Type: GrantFiled: May 5, 2015Date of Patent: August 8, 2017Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Richard Hayton, Andrew Innes, Georgy Momchilov
-
Publication number: 20170192763Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.Type: ApplicationFiled: June 26, 2015Publication date: July 6, 2017Applicant: CITRIX SYSTEMS, INC.Inventors: James Walker, Zhongmin Lang, Gary Barton, Vipin Aravindakshan
-
Publication number: 20170147825Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.Type: ApplicationFiled: February 2, 2017Publication date: May 25, 2017Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Patent number: 9654508Abstract: Various aspects of the disclosure relate to configuring and providing policies that manage execution of mobile applications. In some embodiments, a user interface may be generated that allows an IT administrator or other operator to set, change and/or add to policy settings. The policy settings can be formatted into a policy file and be made available for download to a mobile device, such as via an application store or to be pushed to the mobile device as part of a data push service. The mobile device, based on the various settings included in the policy file, may perform various actions to enforce the security constraints that are represented by the policy. The various settings that can be included in a policy are numerous and some examples and variations thereof are described in connection with the example embodiments discussed herein.Type: GrantFiled: October 7, 2014Date of Patent: May 16, 2017Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Patent number: 9602474Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.Type: GrantFiled: January 28, 2015Date of Patent: March 21, 2017Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Publication number: 20170063839Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.Type: ApplicationFiled: November 9, 2016Publication date: March 2, 2017Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Publication number: 20170054760Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.Type: ApplicationFiled: November 8, 2016Publication date: February 23, 2017Inventors: Gary Barton, James Robert Walker, Nitin Desai, Zhongmin Lang
-
Publication number: 20170048204Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.Type: ApplicationFiled: January 28, 2015Publication date: February 16, 2017Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Publication number: 20170026383Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.Type: ApplicationFiled: July 21, 2015Publication date: January 26, 2017Inventors: Richard Hayton, Georgy Momchilov, Gary Barton, Andrew Innes
-
Patent number: 9521147Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.Type: GrantFiled: July 24, 2014Date of Patent: December 13, 2016Assignee: Citrix Systems, Inc.Inventors: Gary Barton, James Robert Walker, Nitin Desai, Zhongmin Lang
-
Patent number: 9521117Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.Type: GrantFiled: November 7, 2014Date of Patent: December 13, 2016Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Publication number: 20160301666Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.Type: ApplicationFiled: November 7, 2014Publication date: October 13, 2016Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Robert Walker
-
Patent number: 9467474Abstract: Various aspects of the disclosure relate to configuring and providing policies that manage execution of mobile applications. In some embodiments, a user interface may be generated that allows an IT administrator or other operator to set, change and/or add to policy settings. The policy settings can be formatted into a policy file and be made available for download to a mobile device, such as via an application store or to be pushed to the mobile device as part of a data push service. The mobile device, based on the various settings included in the policy file, may perform various actions to enforce the security constraints that are represented by the policy. The various settings that can be included in a policy are numerous and some examples and variations thereof are described in connection with the example embodiments discussed herein.Type: GrantFiled: April 1, 2014Date of Patent: October 11, 2016Assignee: Citrix Systems, Inc.Inventors: Gary Barton, Zhongmin Lang, Nitin Desai, James Walker
-
Publication number: 20160182530Abstract: A method and system for operating an application with multiple modes are described. A plurality of applications may be presented to a user on a mobile device and one of the displayed applications may be selected. The selected application may have one or more contexts that are determined based on one or more operational parameters. For example, a context for the selected application may be that the application is configured to access an enterprise account. Based on the context, the selected application may be run on the mobile device in one of a plurality of operations modes. The operation modes may comprise managed, unmanaged, and partially managed modes, among others.Type: ApplicationFiled: March 1, 2016Publication date: June 23, 2016Inventors: Zhongmin Lang, Gary Barton
-
Publication number: 20160173503Abstract: Aspects described herein relate to controlling incoming data processing requests or messages and whether the incoming data processing requests are allowed to reach destination applications unmodified. The destination application may be a secure application operating within a secure application wrapper, and the secure application wrapper may determine whether and how much of the request or message is allowed to pass into a managed partition or through the secure application wrapper to reach the secure application for processing.Type: ApplicationFiled: December 14, 2015Publication date: June 16, 2016Inventors: Jason Knight, Nitin Desai, Gary Barton, Sameer Mehta
-
Publication number: 20160142418Abstract: A method of managing access to enterprise resources is provided. An access manager may operate at a mobile device to validate a mobile application installed at that mobile device. If the access manager does not successfully validate the mobile application, the access manager may prevent the mobile application from accessing computing resource. If the access manager does successfully validate the mobile application, then the access manager may identify the mobile application as a trusted mobile application. The access manager may thus permit the trusted mobile application to access the computing resource.Type: ApplicationFiled: January 26, 2016Publication date: May 19, 2016Inventors: Gary Barton, Zhongmin Lang, James Robert Walker